Job Description:
Trigyn's direct government client has an immediate need for an Information Security Engineer in Baltimore, MD. The particulars of the opportunity are below:
Description:
The client is looking for a consultant for the role of Information Security Engineer - Endpoint (focus on Endpoint Security). In this role, you will be responsible for operation, administration, and maintenance of the endpoint security capabilities used to monitor, detect, prevent, track, report, and remediate malicious artifacts on client’s servers and workstations.
Information Security Endpoint Engineer’s responsibilities may include but are not limited to:
• Implement, operate, administer, and maintain client’s endpoint security capabilities.
• Monitor and respond to alerts from CISCO AMP.
• Ensure all workstations and servers have recent AMP agent installed.
• Support incident response and maintenance of Incident Response Plan.
• Troubleshoot and be the technical point of contact for any issues that may arise from endpoint security instrumentation on Unix/Linux or Microsoft Windows systems.
• Conduct gap analysis and provide recommendations for improvements to the client’s endpoint security architecture.
• Develop technical mitigation and remediation strategies to deal with threats on client’s endpoints.
• Develop metrics to ensure the system is operating as designed, identify patterns of alerts and support analysis to drive improvements to our security posture.
• Provide monthly metrics for endpoint security.
• Collaborate with Information Security team and support other stakeholders in threat hunting and other activities.
• Provide technical expertise and operational planning support for implementing Endpoint Security products across client's endpoints.
• Document endpoint architecture, processes and procedures that go into endpoint security management.
• Provide regular status updates and briefings to Information Security management and outside stakeholders.
• Support security engineering assessments on new systems and major upgrades as bandwidth allows.
Minimum Education and Experience Requirements:
• Bachelor of Science degree in computer engineering/science or related field.
• Five plus (5+) years of related specialty IT experience (for example, but not limited to: system engineering, desktop engineering, scripting and packaging, network engineering, information security, etc.).
• 4 plus (4+) years of experience administrating endpoint security solutions
• 2 plus (2+) years of experience working with Endpoint Detection and Response (EDR) tools such as: FireEye HX, Carbon Black, Tanium, Microsoft Defender ATP, CrowdStrike Falcon Insight, and other equivalent toolsets.
• 2 plus years of experience working with Antivirus (AV) tools such as: Microsoft Defender, Symantec Endpoint Protection, McAfee ePO, Bitdefender, and other equivalent toolsets.
• Knowledge of MITRE ATT & CK techniques preferred
• Relevant certifications (e.g., CISSP, CCSP, CEH, Security+, Network+, etc.) preferred.
Required Skills, Knowledge and Abilities:
• Experience with troubleshooting Unix/Linux and Microsoft Windows systems.
• Solid understanding of security fundamentals and information security control frameworks.
• Basic technical understanding in the following areas: network communication using TCP/IP protocols, basic system administration, virtual systems, active directory architecture, cloud technologies, web proxies, etc.
• Good team player, self-confident, motivated, and independent, capable of working with little to no instructions.
• Ability to multi-task and work under pressure in a fast-paced environment.
• Attention to details and good problem-solving skills.
• Advanced communications and presentations skills (verbal and written) enabling precise conveyance of information.
BALTIMORE CITY RESIDENTS ARE ENCOURAGED TO APPLY!
For Immediate Response call 732-876-7622, or send your resume to RecruiterJK@Trigyn.com
TRIGYN TECHNOLOGIES, INC. is an EQUAL OPPORTUNITY EMPLOYER and has been in business for 35 years. TRIGYN is an ISO 9001:2015, , ISO 27001:2013 (ISMS),ISO 20000:2018 and CMMI Level 5 certified company.